In Python, we can store a project's dependencies in different ways. They can be stated in the setup.py file or in pip's requirements.txt file. Some programmers prefer to pin exact version numbers, some do not. I belong to the first group.
Although pinning exact version numbers keeps me from accidentally updating to backward-incompatible versions, it also keeps me from updating to (and, more importantly, from discovering) bug/security fixes introduced in these new versions.
What do you use to follow third-party library updates? How do you solve this problem and stay on the bleeding edge?